Bugtraq: by thread
274 messages
starting Apr 01 10 and
ending Apr 30 10
Date index |
Thread index |
Author index
- [USN-922-1] libnss-db vulnerability Kees Cook (Apr 01)
- VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability VUPEN Security Research (Apr 01)
- VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow Vulnerability VUPEN Security Research (Apr 01)
- CSRF Vulnerability in OSSIM 2.2.1 nicolas . grandjean (Apr 01)
- VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability VUPEN Security Research (Apr 01)
- Zabbix <= 1.8.1 SQL Injection Dawid Golunski (Apr 01)
- DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability eidelweiss (Apr 01)
- <Possible follow-ups>
- Re: DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability eidelweiss (Apr 05)
- VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow Vulnerability VUPEN Security Research (Apr 01)
- VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability VUPEN Security Research (Apr 01)
- VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability VUPEN Security Research (Apr 01)
- Juniper SRX Critical Denial of Service Vulnerability J. Oquendo (Apr 01)
- VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow Vulnerability VUPEN Security Research (Apr 01)
- VMSA-2010-0006 ESX Service Console updates for samba and acpid VMware Security Team (Apr 01)
- Vulnerability Centreon IT & Network Monitoring v2.1.5 Mehdi Mahdjoub - Sysdream IT Security Services (Apr 05)
- [SECURITY] [DSA 2026-1] New netpbm-free packages fix denial of service Giuseppe Iuculano (Apr 05)
- ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-034: Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-039: Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-044: Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- [SECURITY] [DSA 2027-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Apr 05)
- Apple Safari <= Tag (heap spray) Remote Buffer Overflow Exploit (osX) eidelweiss (Apr 05)
- ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-058: Apple Mac OS X ImageIO Framework JPEG2000 Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability ZDI Disclosures (Apr 05)
- [SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities Luciano Bello (Apr 05)
- [security bulletin] HPSBMA02490 SSRT090222 rev.2 - HP SOA Registry Foundation, Remote Unauthorized Access to Data, Cross Site Scripting (XSS), Privilege Escalation security-alert (Apr 05)
- Vulnerabilities in HoloCMS MustLive (Apr 05)
- ZDI-10-049: Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (Apr 05)
- ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability ZDI Disclosures (Apr 06)
- ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities ZDI Disclosures (Apr 06)
- Vulnerabilities in TAK cms MustLive (Apr 06)
- [SECURITY] [DSA 2029-1] New imlib2 packages fix arbitrary code execution Nico Golde (Apr 06)
- Miranda TLS MitM with XMPP/Jabber protocol Jan Schejbal (Apr 06)
- Hack.lu 2010 CfP info (Apr 06)
- CA20100406-01: Security Notice for CA XOsoft Kotas, Kevin J (Apr 06)
- ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities ZDI Disclosures (Apr 06)
- MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases Tom Yu (Apr 06)
- ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability ZDI Disclosures (Apr 06)
- ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability ZDI Disclosures (Apr 06)
- [SECURITY] [DSA 2030-1] New mahara packages fix sql injection Nico Golde (Apr 06)
- CORE-2010-0323: XSS Vulnerability in NextGEN Gallery Wordpress Plugin CORE Security Technologies Advisories (Apr 07)
- [ MDVSA-2010:069 ] nss security (Apr 07)
- [USN-923-1] OpenJDK vulnerabilities Kees Cook (Apr 07)
- [USN-924-1] Kerberos vulnerabilities Kees Cook (Apr 07)
- Vulnerabilities in Dunia Soccer MustLive (Apr 08)
- Re: Vulnerabilities in Dunia Soccer Susan Bradley (Apr 09)
- Re: Vulnerabilities in Dunia Soccer MustLive (Apr 09)
- Re: Vulnerabilities in Dunia Soccer Susan Bradley (Apr 09)
- Re: Vulnerabilities in Dunia Soccer MustLive (Apr 09)
- Re: Vulnerabilities in Dunia Soccer Susan Bradley (Apr 09)
- [HITB-Announce] FINAL CALL - CFP for HITBSecConf2010 Amsterdam Hafez Kamal (Apr 08)
- DeepSec 2010 - Call for Papers and Experts DeepSec Conference (Apr 08)
- TCPDF Library Remote Code Execution Vulnerability Matthias -apoc- Hecker (Apr 08)
- Vulnerabilities in CMS SiteLogic MustLive (Apr 08)
- <Possible follow-ups>
- Vulnerabilities in CMS SiteLogic MustLive (Apr 12)
- [USN-925-1] MoinMoin vulnerabilities Jamie Strandboge (Apr 08)
- Secunia Research: Pulse CMS Arbitrary File Upload Vulnerability Secunia Research (Apr 09)
- [USN-926-1] ClamAV vulnerabilities Jamie Strandboge (Apr 09)
- Secunia Research: Pulse CMS Cross-Site Request Forgery Secunia Research (Apr 09)
- VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues VMware Security team (Apr 09)
- [USN-624-2] Erlang vulnerability Jamie Strandboge (Apr 09)
- ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
- WinSoftMagic Photo Editor .PNG File Buffer Overflow eidelweiss (Apr 09)
- JAVA web start arbitrary command-line injection - "-XXaltjvm" arbitrary dll loading (0day) Reversemode (Apr 09)
- Vulnerabilities in phpCOIN MustLive (Apr 09)
- Re: Vulnerabilities in phpCOIN Susan Bradley (Apr 12)
- Secunia Research: VMWare VMnc Codec HexTile Encoding Two Integer Truncation Vulnerabilities Secunia Research (Apr 09)
- Secunia Research: VMWare VMnc Codec HexTile Encoding Buffer Overflow Secunia Research (Apr 09)
- VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability VUPEN Security Research (Apr 12)
- HITBSecConf DUBAI 2010: Learn more about web attacks and stealth hacking Laurent OUDOT at TEHTRI-Security (Apr 12)
- AneCMS Multiple Vulnerabilities admin (Apr 12)
- [USN-927-3] Thunderbird regression Jamie Strandboge (Apr 12)
- CVE-2009-4510: TANDBERG VCS Static SSH Host Keys VSR Advisories (Apr 12)
- [SECURITY] [DSA 2031-1] New krb5 packages fix denial of service Giuseppe Iuculano (Apr 12)
- CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval VSR Advisories (Apr 12)
- [USN-927-2] NSS regression Jamie Strandboge (Apr 12)
- [SECURITY] [DSA 2032-1] New libpng packages fix several vulnerabilities Giuseppe Iuculano (Apr 12)
- iDefense Security Advisory 04.09.10: VMware VMnc Codec Heap Overflow Vulnerability iDefense Labs (Apr 12)
- CVE-2009-4509: TANDBERG VCS Authentication Bypass Timothy D. Morgan (Apr 12)
- [USN-920-1] Firefox 3.0 and Xulrunner vulnerabilities Jamie Strandboge (Apr 12)
- [USN-927-1] NSS vulnerability Jamie Strandboge (Apr 12)
- [USN-921-1] Firefox 3.5 and Xulrunner vulnerabilities Jamie Strandboge (Apr 12)
- ACROS Security: Local Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-2) ACROS Lists (Apr 13)
- Vana CMS Remote File Download info (Apr 13)
- Advisory 01/2010: MyBB Password Reset Email BCC: Injection Vulnerability Stefan Esser (Apr 13)
- Insufficient Anti-automation and Denial of Service vulnerabilities in multiple systems MustLive (Apr 13)
- ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-1) ACROS Lists (Apr 13)
- Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability Stefan Esser (Apr 13)
- [security bulletin] HPSBPI02398 SSRT080166 rev.5 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files security-alert (Apr 13)
- Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability Clear Skies Security (Apr 14)
- Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit dlrow1991 (Apr 14)
- ZDI-10-071: Adobe Reader TrueType Font Handling Remote Code Execution Vulnerability ZDI Disclosures (Apr 14)
- Unauthenticated Filesystem Access in iomega Home Media Network Hard Drive fizix610 (Apr 14)
- ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability ZDI Disclosures (Apr 14)
- ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability ZDI Disclosures (Apr 14)
- ZDI-10-069: Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability ZDI Disclosures (Apr 14)
- RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities wsn1983 (Apr 14)
- Secunia Research: Visualization Library DAT File Parsing Vulnerabilities Secunia Research (Apr 14)
- ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 14)
- [ MDVSA-2010:070 ] firefox security (Apr 14)
- [ MDVSA-2010:072 ] cups security (Apr 14)
- 60cycleCMS (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability eidelweiss (Apr 14)
- [ MDVSA-2010:071 ] krb5 security (Apr 14)
- Cert-Lexsi - Microsoft Windows Media Services MMS Buffer Overflow Vulnerability Fabien PERIGAUD (Apr 14)
- [security bulletin] HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS) security-alert (Apr 14)
- ZDI-10-070: Microsoft Windows Media Player Codec Retrieval Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (Apr 14)
- [ MDVSA-2010:073-1 ] cups security (Apr 15)
- VUPEN Security Research - Adobe Acrobat and Reader PNG Data Buffer Overflow Vulnerability VUPEN Web Research (Apr 15)
- Nucleus CMS v.3.51 (DIR_LIBS) Multiple Vulnerability eidelweiss (Apr 15)
- Ziggurat CMS Multiple Vulnerabilities info (Apr 15)
- [ MDVSA-2010:073 ] cups security (Apr 15)
- VUPEN Security Research - Adobe Acrobat and Reader GIF Data Buffer Overflow Vulnerability VUPEN Web Research (Apr 15)
- VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities VUPEN Web Research (Apr 15)
- VUPEN Security Research - Adobe Acrobat and Reader JPEG Data Buffer Overflow Vulnerability VUPEN Web Research (Apr 15)
- VUPEN Security Research - Adobe Acrobat and Reader BMP Data Buffer Overflow Vulnerability VUPEN Web Research (Apr 15)
- [DSecRG-09-053] VMware Remoute Console - format string Alexandr Polyakov (Apr 15)
- [DSECRG-09-049] IBM BladeCenter Management Module - DoS vulnerability Alexandr Polyakov (Apr 15)
- Cisco Security Advisory: Cisco Secure Desktop ActiveX Control Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Apr 15)
- Vulnerability in CB Captcha for Joomla and Mambo MustLive (Apr 15)
- Re: Vulnerability in CB Captcha for Joomla and Mambo Susan Bradley (Apr 16)
- Re: Vulnerability in CB Captcha for Joomla and Mambo James Martin (Apr 19)
- Re: Vulnerability in CB Captcha for Joomla and Mambo Susan Bradley (Apr 19)
- Re: Vulnerability in CB Captcha for Joomla and Mambo Matteo Valenza (Apr 19)
- Re: Vulnerability in CB Captcha for Joomla and Mambo MustLive (Apr 19)
- Re: Vulnerability in CB Captcha for Joomla and Mambo James Martin (Apr 19)
- <Possible follow-ups>
- Re: Vulnerability in CB Captcha for Joomla and Mambo nant (Apr 16)
- Re: Vulnerability in CB Captcha for Joomla and Mambo nant (Apr 19)
- Re: Re: Vulnerability in CB Captcha for Joomla and Mambo none (Apr 20)
- Re: Vulnerability in CB Captcha for Joomla and Mambo MustLive (Apr 28)
- Re: Vulnerability in CB Captcha for Joomla and Mambo Susan Bradley (Apr 16)
- [CVE-2010-0432] Apache OFBiz Multiple XSS Vulnerabilities Jacopo Cappellato (Apr 15)
- ZDI-10-072: Cisco Secure Desktop CSDWebInstaller ActiveX Control Remote Code Execution Vulnerability ZDI Disclosures (Apr 15)
- [USN-928-1] Sudo vulnerability Jamie Strandboge (Apr 16)
- [SECURITY] [DSA 2033-1] New ejabberd packages fix denial of service Sébastien Delafond (Apr 16)
- [ MDVSA-2010:074 ] kdebase security (Apr 16)
- [USN-929-1] irssi vulnerabilities Jamie Strandboge (Apr 16)
- Hackproofing Oracle Financials 11i & R12 Joxean Koret (Apr 16)
- [USN-890-6] CMake vulnerabilities Jamie Strandboge (Apr 16)
- [ MDVSA-2010:075 ] openoffice.org security (Apr 16)
- ZDI-10-076: Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability ZDI Disclosures (Apr 16)
- [ MDVSA-2010:080 ] brltty security (Apr 19)
- [SECURITY] [DSA 2036-1] New jasper packages fix denial of service Thijs Kinkhorst (Apr 19)
- [ MDVSA-2010:076 ] openssl security (Apr 19)
- WinMount MOU File Handling Overflow Vulnerability lilf (Apr 19)
- Secunia Research: e107 Avatar/Photograph Image File Upload Vulnerability Secunia Research (Apr 19)
- [ MDVSA-2010:081 ] apache-mod_auth_shadow security (Apr 19)
- [Suspected Spam]New vulnerabilities in CMS SiteLogic MustLive (Apr 19)
- Re: [Suspected Spam]New vulnerabilities in CMS SiteLogic Salvatore Fresta aka Drosophila (Apr 20)
- Re: New vulnerabilities in CMS SiteLogic MustLive (Apr 26)
- Message not available
- New vulnerabilities in CMS SiteLogic Salvatore Fresta aka Drosophila (Apr 26)
- Re: New vulnerabilities in CMS SiteLogic MustLive (Apr 26)
- Re: [Suspected Spam]New vulnerabilities in CMS SiteLogic Salvatore Fresta aka Drosophila (Apr 20)
- Re: sudoedit local privilege escalation through PATH manipulation Ansgar Wiechers (Apr 20)
- Re: sudoedit local privilege escalation through PATH manipulation Agazzini Maurizio (Apr 22)
- <Possible follow-ups>
- [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access Morris, John R. (SSRT) (Apr 26)
- Re: Vulnerabilities in NovaBoard terry white (Apr 23)
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses) Paul Schmehl (Apr 27)
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses) Dominik George (Apr 27)
- <Possible follow-ups>
- XSS vulnerability in Zikula Application Framework advisory (Apr 27)
- Re: STP mitm attack idea Jann Horn (Apr 28)
- Re: STP mitm attack idea news (Apr 29)
- Re: STP mitm attack idea Joel Maslak (Apr 29)
- Re: STP mitm attack idea Jean-Christophe Baptiste (Apr 29)
- Re: STP mitm attack idea news (Apr 29)
- Re: STP mitm attack idea wlet (Apr 29)
- RE: STP mitm attack idea Stefan Laudat (Apr 29)
- <Possible follow-ups>
- Re: STP mitm attack idea Jason T. Masker (Apr 29)
- Re: STP mitm attack idea Ivan Jager (Apr 29)
- RE: STP mitm attack idea Williams, Dan (Apr 30)
- Re: STP mitm attack idea Ivan Jager (Apr 29)